From: Bram Moolenaar <Bram@vim.org>
Date: Sun, 3 Sep 2017 13:17:48 +0000 (+0200)
Subject: patch 8.0.1047: buffer overflow in Ruby
X-Git-Tag: v8.0.1047
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=00ccf54630dc68a9b8aedb92b268f3b697081f68;p=vim

patch 8.0.1047: buffer overflow in Ruby

Problem:    Buffer overflow in Ruby.
Solution:   Allocate one more byte. (Dominique Pelle)
---

diff --git a/src/if_ruby.c b/src/if_ruby.c
index 02b59dd14..d38ed2fbb 100644
--- a/src/if_ruby.c
+++ b/src/if_ruby.c
@@ -984,7 +984,7 @@ static VALUE vim_message(VALUE self UNUSED, VALUE str)
     if (RSTRING_LEN(str) > 0)
     {
 	/* Only do this when the string isn't empty, alloc(0) causes trouble. */
-	buff = ALLOCA_N(char, RSTRING_LEN(str));
+	buff = ALLOCA_N(char, RSTRING_LEN(str) + 1);
 	strcpy(buff, RSTRING_PTR(str));
 	p = strchr(buff, '\n');
 	if (p) *p = '\0';
diff --git a/src/version.c b/src/version.c
index a57e11f5b..2034504cc 100644
--- a/src/version.c
+++ b/src/version.c
@@ -769,6 +769,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    1047,
 /**/
     1046,
 /**/